1 00:00:00,330 --> 00:00:01,930 So welcome to the first part 2 00:00:01,930 --> 00:00:05,910 of this ECS demo. And to create an ECS service, 3 00:00:05,910 --> 00:00:09,180 I first need to go ahead and create a task definition. 4 00:00:09,180 --> 00:00:11,490 So let's create a new task definition 5 00:00:11,490 --> 00:00:16,230 and task definition indicates how to create an ECS task. 6 00:00:16,230 --> 00:00:21,160 So this one will be nginxdemos-hello. 7 00:00:21,160 --> 00:00:23,200 And that's the name of the image I'm going to use. 8 00:00:23,200 --> 00:00:25,600 So if you type nginxdemos-hello, 9 00:00:25,600 --> 00:00:28,090 you find a docker image from dockerhub. 10 00:00:28,090 --> 00:00:29,430 And this image we're going to be using. 11 00:00:29,430 --> 00:00:32,180 So I can copy this right here. 12 00:00:32,180 --> 00:00:35,107 So the name of this is 13 00:00:35,107 --> 00:00:37,820 nginxdemos-hello. 14 00:00:37,820 --> 00:00:38,840 And the image URI, 15 00:00:38,840 --> 00:00:40,870 I have the one thing that I copy and pasted 16 00:00:40,870 --> 00:00:42,320 including the slash. 17 00:00:42,320 --> 00:00:45,130 So that's my first and only essential container 18 00:00:45,130 --> 00:00:48,390 in this definition and it's going to create 19 00:00:48,390 --> 00:00:51,230 an HTTP server that will be binded to port 80. 20 00:00:51,230 --> 00:00:53,500 So I could have container port as 80. 21 00:00:53,500 --> 00:00:55,760 I will not add any environment variables 22 00:00:55,760 --> 00:00:57,450 and I will not add any more containers. 23 00:00:57,450 --> 00:00:59,520 So I will leave everything as default. 24 00:00:59,520 --> 00:01:00,720 Then for the app environment 25 00:01:00,720 --> 00:01:04,430 I can choose either Fargate or Amazon EC2 instances. 26 00:01:04,430 --> 00:01:06,730 So if we set Fargate, we're going to launch task directly 27 00:01:06,730 --> 00:01:09,520 in serverless mode or Amazon instances, 28 00:01:09,520 --> 00:01:11,890 we're going to launch a task on Amazon EC2 instances 29 00:01:11,890 --> 00:01:13,930 that we launched before. 30 00:01:13,930 --> 00:01:14,810 To keep things simple, 31 00:01:14,810 --> 00:01:17,753 I'm going to use only the AWS Fargate mode right here. 32 00:01:18,750 --> 00:01:21,550 Next we need to choose a system, so Linux is great. 33 00:01:21,550 --> 00:01:25,410 And then a task size, so I can choose 0.5 CPU 34 00:01:25,410 --> 00:01:27,627 as well as one gigabytes of RAM. Okay. 35 00:01:27,627 --> 00:01:32,120 So this is how much CPU and RAM we allocate to each task. 36 00:01:32,120 --> 00:01:34,740 We could go less, but this is a good idea. 37 00:01:34,740 --> 00:01:37,150 And if you wanted to have more memory, of course 38 00:01:37,150 --> 00:01:39,980 you could scroll down and add up to 30 gigabytes of memory, 39 00:01:39,980 --> 00:01:42,980 for example. Okay. More importantly, 40 00:01:42,980 --> 00:01:44,880 if that task was, for example 41 00:01:44,880 --> 00:01:47,400 doing API calls into Amazon S3, 42 00:01:47,400 --> 00:01:49,920 then we could add an IAM task role. 43 00:01:49,920 --> 00:01:53,460 And this IAM task role would allow us to run API calls 44 00:01:53,460 --> 00:01:55,290 against the AWS services. 45 00:01:55,290 --> 00:01:56,750 But right now, because we're just running 46 00:01:56,750 --> 00:02:01,120 a simple HTTP server, we don't need to do anything else. 47 00:02:01,120 --> 00:02:03,160 In terms of storage, we can leave everything as is. 48 00:02:03,160 --> 00:02:04,950 The task will come with 20 gigabytes 49 00:02:04,950 --> 00:02:08,919 of ephemeral storage from Fargate, so we're good. 50 00:02:08,919 --> 00:02:12,830 And in terms of everything else, we won't touch it. 51 00:02:12,830 --> 00:02:13,820 So we review and create 52 00:02:13,820 --> 00:02:16,830 and we have defined our first task definition family 53 00:02:16,830 --> 00:02:18,753 called the nginxdemos-hello. 54 00:02:20,420 --> 00:02:22,380 So let's create this. 55 00:02:22,380 --> 00:02:24,923 And now the task definition is being created. 56 00:02:25,820 --> 00:02:27,230 So next what I want to do is 57 00:02:27,230 --> 00:02:30,350 to actually run this task definition in a service 58 00:02:30,350 --> 00:02:33,040 behind a load balancer, and as such, 59 00:02:33,040 --> 00:02:35,740 I need to define two kinds of security groups. 60 00:02:35,740 --> 00:02:37,180 So if I go into security groups, 61 00:02:37,180 --> 00:02:39,650 I'm going to create a new security group 62 00:02:39,650 --> 00:02:41,380 and I will call this one sg-alb-ecs 63 00:02:43,840 --> 00:02:47,630 which is my ALB for ECS SG. 64 00:02:47,630 --> 00:02:51,110 And in inbound rule, I will allow to connect to port 80 65 00:02:51,960 --> 00:02:56,130 from Anywhere- IPv6 66 00:02:56,130 --> 00:02:58,030 and Anywhere- IPv4 67 00:02:58,930 --> 00:03:00,383 to make sure I can connect. 68 00:03:02,090 --> 00:03:02,923 Okay. 69 00:03:03,840 --> 00:03:07,560 And then I will create this security group 70 00:03:07,560 --> 00:03:09,420 and it cannot begin by this. 71 00:03:09,420 --> 00:03:11,753 So alb-ecs-sg. 72 00:03:14,240 --> 00:03:17,370 Perfect. So this security group has been created. 73 00:03:17,370 --> 00:03:19,320 And the second security group I need to create 74 00:03:19,320 --> 00:03:21,470 is the one for my ECS task. 75 00:03:21,470 --> 00:03:26,470 So I'll call this one nginx-demo-sg 76 00:03:27,640 --> 00:03:31,030 and we're going to allow inbound rule on anywhere 77 00:03:32,321 --> 00:03:35,110 but coming from a specific security group 78 00:03:35,110 --> 00:03:36,730 which is my alb-ecs-sg. 79 00:03:38,100 --> 00:03:42,010 So allow traffic from the ALB, which is very similar setup 80 00:03:42,010 --> 00:03:44,790 to what we had when we had EC2 instances. 81 00:03:44,790 --> 00:03:48,040 Okay. And then I will choose all TCP. 82 00:03:48,040 --> 00:03:50,520 So all TCP on the security group. 83 00:03:50,520 --> 00:03:55,483 Okay. Let's create this one and SG for NGINX. 84 00:03:59,240 --> 00:04:01,070 So now that I've created two security groups, 85 00:04:01,070 --> 00:04:03,800 we can go ahead and create our first service. 86 00:04:03,800 --> 00:04:07,030 So back into ECS, I will go in clusters, 87 00:04:07,030 --> 00:04:12,030 find my DemoCluster, and then under services I will create 88 00:04:12,150 --> 00:04:14,270 and deploy a new service. 89 00:04:14,270 --> 00:04:17,180 So the deployment configuration is going to be 90 00:04:17,180 --> 00:04:19,470 of type 'service' because we are launching 91 00:04:19,470 --> 00:04:24,050 a long-running computing work that is a web application. 92 00:04:24,050 --> 00:04:26,760 But if you wanted to start a standalone task that runs 93 00:04:26,760 --> 00:04:28,930 and terminates, for example, a batch job, 94 00:04:28,930 --> 00:04:31,940 then you would use the 'task' application type. 95 00:04:31,940 --> 00:04:34,810 So we'll use service and we'll specify a family 96 00:04:34,810 --> 00:04:37,980 which is the one we created, the nginxdemos-hello, 97 00:04:37,980 --> 00:04:40,820 as well as a revision number, which is one, the latest. 98 00:04:40,820 --> 00:04:43,340 Service name is going to be called nginxdemos, 99 00:04:44,460 --> 00:04:48,490 and we for now want only one desired tasks. 100 00:04:48,490 --> 00:04:51,920 For deployment options, we can leave this as default. 101 00:04:51,920 --> 00:04:54,470 Now for load balancing, yes, we do want a load balancer 102 00:04:54,470 --> 00:04:57,460 and we want an application load balancer to be working 103 00:04:57,460 --> 00:04:59,820 and let's go ahead and create it. 104 00:04:59,820 --> 00:05:01,930 So I'll call this one DemoALBForECS. 105 00:05:05,210 --> 00:05:07,330 It's going to listen on port 80 106 00:05:07,330 --> 00:05:09,490 and then we need to have a target group name. 107 00:05:09,490 --> 00:05:12,960 So this one is gonna be called nginx-ecs 108 00:05:12,960 --> 00:05:15,150 and the protocol as HTTP. 109 00:05:15,150 --> 00:05:16,983 The health check path is slash, 110 00:05:18,360 --> 00:05:22,483 and the health grace period is, let's say, 20 seconds. 111 00:05:24,120 --> 00:05:27,603 For networking, so this is for our ALB right here, 112 00:05:28,510 --> 00:05:33,340 and for networking, we can select a security group 113 00:05:33,340 --> 00:05:35,300 that is already existing. 114 00:05:35,300 --> 00:05:37,130 And the one that we are going to use 115 00:05:37,130 --> 00:05:40,820 is going to be the nginx-demo-sg, which is a security group 116 00:05:40,820 --> 00:05:44,113 that's going to be attached directly into our Fargate tasks. 117 00:05:45,040 --> 00:05:48,503 And we'll leave public IP enabled and now click on deploy. 118 00:05:49,550 --> 00:05:50,610 So what's going to happen now 119 00:05:50,610 --> 00:05:53,110 is that our service is going to be deployed, 120 00:05:53,110 --> 00:05:55,980 a load balancer is going to be created, 121 00:05:55,980 --> 00:05:58,740 and then let's observe the results. 122 00:05:58,740 --> 00:06:01,840 Okay, so my service has been deployed successfully. 123 00:06:01,840 --> 00:06:04,110 Now let's have a look to see if everything is working. 124 00:06:04,110 --> 00:06:06,690 So I'm gonna go under nginxdemos, 125 00:06:06,690 --> 00:06:10,100 and as you can see, one task is active 126 00:06:10,100 --> 00:06:12,470 and it looks like it was registered. 127 00:06:12,470 --> 00:06:15,780 So if we go back into the EC2 management console 128 00:06:15,780 --> 00:06:19,284 and go under load balancers, 129 00:06:19,284 --> 00:06:21,780 there's my load balancer right here. 130 00:06:21,780 --> 00:06:24,618 And if we look at the settings, 131 00:06:24,618 --> 00:06:26,870 the security group that was attached to it is the wrong one, 132 00:06:26,870 --> 00:06:29,130 it's the nginx-demo-sg. 133 00:06:29,130 --> 00:06:33,230 But we want to attach the alb-ecs-sg 134 00:06:33,230 --> 00:06:36,500 to be able to access our load balancer. 135 00:06:36,500 --> 00:06:39,480 Okay. So now we assigned the correct security group. 136 00:06:39,480 --> 00:06:44,193 Now let's go and open this URL for our load balancer. 137 00:06:46,890 --> 00:06:48,530 And now it says, refuse to connect. 138 00:06:48,530 --> 00:06:51,950 So that means that it's connecting to the ALB 139 00:06:51,950 --> 00:06:55,030 but the ALB is not connecting to the ECS tasks. 140 00:06:55,030 --> 00:06:56,970 So it took me a while to figure that one out. 141 00:06:56,970 --> 00:06:58,520 But if you go to listeners, 142 00:06:58,520 --> 00:07:02,010 somehow the listener ID was on port HTTP 79. 143 00:07:02,010 --> 00:07:05,660 I'm not sure why, maybe it's a bug from the new UI of ECS. 144 00:07:05,660 --> 00:07:10,030 But what I should be setting is port HTTP on port 80 145 00:07:10,030 --> 00:07:13,410 right here in my listener detail. And that should fix it. 146 00:07:13,410 --> 00:07:15,080 So let's save my changes. 147 00:07:15,080 --> 00:07:19,070 Now, my ALB is connected to the right listener port 148 00:07:20,180 --> 00:07:23,053 and let's go back in here and refresh this page. 149 00:07:25,130 --> 00:07:26,810 And very soon, I should wait a little bit. 150 00:07:26,810 --> 00:07:28,600 Here we go, perfect. 151 00:07:28,600 --> 00:07:31,280 We are connected to the nginx web server 152 00:07:31,280 --> 00:07:32,470 running on the ECS task. 153 00:07:32,470 --> 00:07:35,550 And we get the server address, the binding port, 154 00:07:35,550 --> 00:07:38,440 the server name, as well as the date right now. 155 00:07:38,440 --> 00:07:40,897 And the URL we hit. So if we hit slash test, 156 00:07:40,897 --> 00:07:44,450 we're going to get a slash test as well in here. 157 00:07:44,450 --> 00:07:45,910 Okay. So that's pretty good. 158 00:07:45,910 --> 00:07:49,980 So we have one ECS task running behind our load balancer 159 00:07:49,980 --> 00:07:52,520 in our ECS service. Okay. 160 00:07:52,520 --> 00:07:54,650 So if I go to services right here, it's there. 161 00:07:54,650 --> 00:07:56,490 But I can click on services 162 00:07:56,490 --> 00:07:58,210 and we can start scaling our service. 163 00:07:58,210 --> 00:08:00,820 So I can do edits, and then instead of one task, 164 00:08:00,820 --> 00:08:03,600 and this is going to cost you money if you do it by the way, 165 00:08:03,600 --> 00:08:07,010 so if you don't want to spend a lot, then don't do this, 166 00:08:07,010 --> 00:08:10,180 but I'm going to specify four tasks and update. 167 00:08:10,180 --> 00:08:15,180 So now we're launching four tasks in our ECS services 168 00:08:15,630 --> 00:08:17,070 and they're all running on Fargate. 169 00:08:17,070 --> 00:08:19,740 So very, very quickly four tasks are going to 170 00:08:19,740 --> 00:08:22,140 launch run at one out of four. Okay. 171 00:08:22,140 --> 00:08:25,400 But very quickly three tasks are in the pending states. 172 00:08:25,400 --> 00:08:28,650 And very, very soon, because it's running on Fargate, 173 00:08:28,650 --> 00:08:31,250 it's going to be provisioned and run right away. 174 00:08:31,250 --> 00:08:33,520 So this is the whole power of Fargate, it's serverless, 175 00:08:33,520 --> 00:08:36,820 and we don't have to manage EC2 infrastructure 176 00:08:36,820 --> 00:08:38,799 behind the scene to make it work. 177 00:08:38,799 --> 00:08:40,861 So, as you can see now, one, two, 178 00:08:40,861 --> 00:08:44,683 and then a last task is going to run very, very soon. 179 00:08:45,640 --> 00:08:49,870 So as you can see, it's quite quick to scale an ECS service. 180 00:08:49,870 --> 00:08:54,330 And what I can do now is go back to my load balancer 181 00:08:54,330 --> 00:08:57,130 and refresh this page. And as I refresh this page, 182 00:08:57,130 --> 00:09:01,491 as you can see, I am switching between my various ECS tasks 183 00:09:01,491 --> 00:09:02,890 in the back end. 184 00:09:02,890 --> 00:09:05,950 So it's working just like we did for EC2 instances 185 00:09:05,950 --> 00:09:07,810 but now we run docker containers 186 00:09:07,810 --> 00:09:11,030 and these docker containers can be whatever we want. 187 00:09:11,030 --> 00:09:15,280 So super good. We have now four ECS task running. 188 00:09:15,280 --> 00:09:17,660 And so if I refresh this page many times 189 00:09:17,660 --> 00:09:20,660 I'm going to switch between four instances 190 00:09:20,660 --> 00:09:22,830 which I find pretty awesome. 191 00:09:22,830 --> 00:09:25,660 And we were able to, with a bit of struggle, 192 00:09:25,660 --> 00:09:28,640 to launch an ECS service, ECS task, 193 00:09:28,640 --> 00:09:31,660 link it to a load balancer, and so on. 194 00:09:31,660 --> 00:09:34,167 So just to scale back this demo and save on cost, 195 00:09:34,167 --> 00:09:37,760 I'm going to take my service, I will edit it, 196 00:09:37,760 --> 00:09:40,600 and I will say I want zero number of tasks 197 00:09:40,600 --> 00:09:44,450 as a specified number which will allow me to scale back 198 00:09:44,450 --> 00:09:47,480 all my tasks back to zero, but still keep my setup 199 00:09:47,480 --> 00:09:49,320 in case I need it later on. 200 00:09:49,320 --> 00:09:52,040 So you can keep the service at zero tasks 201 00:09:52,040 --> 00:09:53,880 and they all going to be terminated. 202 00:09:53,880 --> 00:09:55,710 And you can keep the ALB for now, 203 00:09:55,710 --> 00:09:57,920 if you have one ALB running in your account, 204 00:09:57,920 --> 00:09:58,900 it doesn't cost you any money, 205 00:09:58,900 --> 00:10:01,810 but if you have more than one, you could also delete it. 206 00:10:01,810 --> 00:10:03,460 Okay. That's it for this lecture. 207 00:10:03,460 --> 00:10:06,460 I hope you liked it. And I will see you in the next lecture.